Cybersecurity Knowledge Extraction Using XAI

Šarčević, Ana; Pintar, Damir; Vranić, Mihaela; Krajna, Agneza

doi:10.3390/app12178669

Cited by 11 publications

(3 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SHAP (SHapley Additive exPlanations) [17] is a post hoc, XAI technique that has been recently used in several cybersecurity domains [47,48]. In this article, it was used to explain how input values mainly condition decisions of machine learning models, as well as to understand how the the presence of adversarial attacks may have an effect on decisions of an effective machine learning model produced for Windows PE malware detection.…”

Section: Shapmentioning

confidence: 99%

Evaluating Realistic Adversarial Attacks against Machine Learning Models for Windows PE Malware Detection

Imran,

Appice,

Malerba

2024

Future Internet

View full text Add to dashboard Cite

During the last decade, the cybersecurity literature has conferred a high-level role to machine learning as a powerful security paradigm to recognise malicious software in modern anti-malware systems. However, a non-negligible limitation of machine learning methods used to train decision models is that adversarial attacks can easily fool them. Adversarial attacks are attack samples produced by carefully manipulating the samples at the test time to violate the model integrity by causing detection mistakes. In this paper, we analyse the performance of five realistic target-based adversarial attacks, namely Extend, Full DOS, Shift, FGSM padding + slack and GAMMA, against two machine learning models, namely MalConv and LGBM, learned to recognise Windows Portable Executable (PE) malware files. Specifically, MalConv is a Convolutional Neural Network (CNN) model learned from the raw bytes of Windows PE files. LGBM is a Gradient-Boosted Decision Tree model that is learned from features extracted through the static analysis of Windows PE files. Notably, the attack methods and machine learning models considered in this study are state-of-the-art methods broadly used in the machine learning literature for Windows PE malware detection tasks. In addition, we explore the effect of accounting for adversarial attacks on securing machine learning models through the adversarial training strategy. Therefore, the main contributions of this article are as follows: (1) We extend existing machine learning studies that commonly consider small datasets to explore the evasion ability of state-of-the-art Windows PE attack methods by increasing the size of the evaluation dataset. (2) To the best of our knowledge, we are the first to carry out an exploratory study to explain how the considered adversarial attack methods change Windows PE malware to fool an effective decision model. (3) We explore the performance of the adversarial training strategy as a means to secure effective decision models against adversarial Windows PE malware files generated with the considered attack methods. Hence, the study explains how GAMMA can actually be considered the most effective evasion method for the performed comparative analysis. On the other hand, the study shows that the adversarial training strategy can actually help in recognising adversarial PE malware generated with GAMMA by also explaining how it changes model decisions.

show abstract

Section: Shapmentioning

confidence: 99%

Evaluating Realistic Adversarial Attacks against Machine Learning Models for Windows PE Malware Detection

Imran,

Appice,

Malerba

2024

Future Internet

View full text Add to dashboard Cite

show abstract

“…The evaluation of the explanation also showed that utilizing the SHAP explanation technique to explain the generated subset of explanatory features is more robust than the other explanation techniques of LIME. Šarčević et al [1] provided both SHAP's XAI technique and If-then decision tree rules to extract information from a network attack dataset CIC-IDS2017 to mitigate network security. The challenges of these two techniques for information extraction were compared and their use in different situations was pointed out.…”

Section: B Xai For Modelsmentioning

confidence: 99%

“…C Ybersecurity refers to the aspect of protecting the individual or organization's network and information systems to defend against cyber attacks, including protecting data availability, confidentiality, and integrity [1]. In the era of rapid information technology development, network security is becoming increasingly important to networks and computer users.…”

Section: Introductionmentioning

confidence: 99%

AE-MLP: A Hybrid Deep Learning Approach for DDoS Detection and Classification

Wei¹,

et al. 2021

View full text Add to dashboard Cite

Distributed Denial-of-Service (DDoS) attacks are increasing as the demand for Internet connectivity massively grows in recent years. Conventional shallow machine learning-based techniques for DDoS attack classification tend to be ineffective when the volume and features of network traffic, potentially carry malicious DDoS payloads, increase exponentially as they cannot extract high importance features automatically. To address this concern, we propose a hybrid approach named AE-MLP that combines two deep learning-based models for effective DDoS attack detection and classification. The Autoencoder (AE) part of our proposed model provides an effective feature extraction that finds the most relevant feature sets automatically without human intervention (e.g., knowledge of cybersecurity professionals). The Multilayer Perceptron Network (MLP) part of our proposed model uses the compressed and reduced feature sets produced by the AE as inputs and classifies the attacks into different DDoS attack types to overcome the performance overhead and bias associated with processing large feature sets with noise (i.e., unnecessary feature values). Our experimental results, obtained through comprehensive and extensive experiments on different aspects of performance on the CICDDoS2019 dataset, demonstrate both a very high and robust accuracy rate and F1-score that exceed 98% which also outperformed the performance of many similar methods. This shows that our proposed model can be used as an effective DDoS defense tool against the growing number of DDoS attacks.

show abstract